Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
php vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2024-30987
Cross Site Scripting vulnerability in /bwdates-reports-ds.php of phpgurukul Client Management System using PHP & MySQL 1.1 allows malicious users to execute arbitrary code and obtain sensitive information via the fromdate and todate parameters.
NA
CVE-2024-30988
Cross Site Scripting vulnerability in /search-invoices.php of phpgurukul Client Management System using PHP & MySQL 1.1 allows malicious users to execute arbitrary code and obtain sensitive information via the Search bar.
NA
CVE-2024-30980
SQL Injection vulnerability in phpgurukul Cyber Cafe Management System Using PHP & MySQL 1.0 allows malicious users to run arbitrary SQL commands via the Computer Location parameter in manage-computer.php page.
NA
CVE-2024-30981
SQL Injection vulnerability in /edit-computer-detail.php in phpgurukul Cyber Cafe Management System Using PHP & MySQL v1.0 allows malicious users to run arbitrary SQL commands via editid in the application URL.
NA
CVE-2024-30983
SQL Injection vulnerability in phpgurukul Cyber Cafe Management System Using PHP & MySQL 1.0 allows malicious users to run arbitrary SQL commands via the compname parameter in /edit-computer-detail.php file.
NA
CVE-2024-3804
A vulnerability, which was classified as critical, has been found in Vesystem Cloud Desktop up to 20240408. This issue affects some unknown processing of the file /Public/webuploader/0.1.5/server/fileupload2.php. The manipulation of the argument file leads to unrestricted upload....
NA
CVE-2024-28556
SQL Injection vulnerability in Sourcecodester php task management system v1.0, allows remote malicious users to execute arbitrary code, escalate privileges, and obtain sensitive information via crafted payload to admin-manage-user.php.
NA
CVE-2024-28557
SQL Injection vulnerability in Sourcecodester php task management system v1.0, allows remote malicious users to execute arbitrary code, escalate privileges, and obtain sensitive information via crafted payload to update-admin.php.
NA
CVE-2023-48710
iTop is an IT service management platform. Files from the `env-production` folder can be retrieved even though they should have restricted access. Hopefully, there is no sensitive files stored in that folder natively, but there could be from a third-party module. The `pages/exec....
NA
CVE-2024-3706
Information exposure vulnerability in OpenGnsys affecting version 1.1.1d (Espeto). This vulnerability allows an malicious user to view a php backup file (controlaccess.php-LAST) where database credentials are stored.
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2022-48700
CVE-2022-48689
CVE-2024-27956
CVE-2023-6363
SQL
NULL pointer dereference
CVE-2023-41830
CVE-2015-2051
arbitrary
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »